[ubuntu/focal-updates] squid 4.10-1ubuntu1.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Mar 29 13:59:27 UTC 2021
squid (4.10-1ubuntu1.3) focal-security; urgency=medium
* SECURITY UPDATE: Request Smuggling and Poisoning issue
- debian/patches/CVE-2020-15049.patch: validate Content-Length value
prefix in src/http/ContentLengthInterpreter.cc,
src/http/ContentLengthInterpreter.h.
- CVE-2020-15049
* SECURITY UPDATE: HTTP Request Smuggling issue
- debian/patches/CVE-2020-25097.patch: Add slash prefix to path-
rootless or path-noscheme URLs in src/anyp/Uri.cc.
- CVE-2020-25097
Date: 2021-03-25 18:03:08.763065+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/squid/4.10-1ubuntu1.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list